Issue creating TOTP for ldap

gwlim · May 27, 2022, 1:04pm

I am having issue enabling TOTP after authentication with LDAP
LDAP Login without TOTP works fine
I followed this guide without facing any errors
Active Directory Auth Method with TOTP Login MFA | Vault - HashiCorp Learn
However the TOTP does not work after login
The server does not show any errors when debugging is enabled

vault login -method=ldap username=user
Password (will be hidden):
Enter the passphrase for methodID "9b6bbfbb-9e62-db24-7d98-d105172283d4" of type "totp":
Error making API request.

URL: PUT http://172.17.0.2:8200/v1/sys/mfa/validate
Code: 403. Errors:

* failed to satisfy enforcement adtotp. error: 2 errors occurred:
        * failed to validate TOTP passcode
        * login MFA validation failed for methodID: [9b6bbfbb-9e62-db24-7d98-d105172283d4]

theJaxon · June 28, 2022, 1:13pm

I’m facing the same problem, I followed same guide but with userpass auth method and i’m getting the exact same error

theJaxon · July 6, 2022, 2:24pm

Following MFA Login with Vault TOTP | docmoa
It only worked with SHA1 TOTP Algorithm

mircea-c · October 26, 2022, 7:08pm

Can confirm that I’ve ran into the same issue and it only worked when I switched to SHA1 TOTP Algorithm

emrocha · November 4, 2022, 8:12pm

Same issue here. It only worked with SHA1 TOTP Algorithm

L-69 · April 12, 2023, 9:14am

How to bind the totp key with the ldap entity